VMware dominates the fast-growing market for "virtual machine" software, a decades-old concept that the company updated to let the work of a dozen or more computer servers be piled onto a single machine. That helps cut hardware budgets and soaring electric bills at data centers.$26B is no joke! Their software in no joke! Hey, we weren't kidding when we started out blogging!
Some experts believe virtualization could fundamentally alter the computing landscape as companies cope with storing and transmitting ever-growing piles of data. "If the average investor could have understood Moore's Law 30 years ago, he would have invested in it. This is like Moore's Law," says Ray Lane, a managing partner at venture capital firm Kleiner Perkins Caufield & Byers, referring to the concept that chip and computer performance rise while prices fall. (Kleiner Perkins has a stake in a rival virtualization outfit.)
vulnerable software: VMware Workstation 6.0 for Windows, possible some other VMware products as well type of vulnerability: DoS, potential privilege escalation I found a vulnerability in VMware Workstation 6.0 which allows an unprivileged user in the host OS to crash the system and potentially run arbitrary code with kernel privileges. The issue is in the vmstor-60 driver, which is supposed to mount VMware images within the host OS. When sending the IOCTL code FsSetVoleInformation with subcode FsSetFileInformation with a large buffer and underreporting its size to at max 1024 bytes, it will underrun and potentially execute arbitrary code. Security focus
Comments
Post a Comment